Phishing is the process of attempting to acquire sensitive information such as usernames, passwords or credit card details by masquerading as a trustworthy entity in an electronic communication. These are most often in the form of an email asking for personal information in order to "reactivate a suspended account" or "check on suspicious activity." Phishing emails often mimic the look and feel of an official email sent from an institution you trust, such as a bank, university, or credit card company. Although most "phishes" come as email, phishing scams can also come in the form of text messages (SMShing) and phone calls (Vishing).
If you are not sure if the email is legitimate, call the company, bank, or university to verify that the email was, in fact, sent from them.
Remember: No university, bank, or company will ever ask you to verify personal information via email.
For more information on phishing, please visit the Security Website at https://it.wisc.edu/wp-content/uploads/Tips-to-Avoid-Phishing-Scams-Brochure.pdf
To reduce the number of potentially malicious messages you receive, all inbound messages are scanned by an external vendor application. If the application determines that a message has a high likelihood of being a phish, the message is moved into the user's Junk folder (unless the user overrides it). Additionally, if phish/spam filter rules are also triggered, the message Subject line is modified with [SCAM] and a warning prepended to the body of the message.
Once messages are delivered to Inboxes, they are not scanned again by the email system. Users may rely on endpoint software protection such as antivirus, but those systems can be equally evaded. Sometimes phishing emails get through because the phishing email is structured cleverly enough to look like a legitimate message. That is the whole point - to trick the recipient into thinking it is a legitimate email so that they fall for the trap. Follow these steps in determining if an email that you received is a phishing email or a legitimate email.
If your account was disabled due to accidentally responding to a phishing scam, you must watch the following video on phishing (found at the bottom of the linked page): https://it.wisc.edu/guides/scams-to-avoid-protecting-your-online-identity/
Once you have watched the video, please contact the DoIT Help Desk at (608) 264-HELP. One of our senior agents will review your account to check for malicious activity, re-activate your NetID services, and reset your password.